Important: Red Hat Security Advisory: Red Hat Virtualization Host security and enhancement update [ovirt-4.4.10] Async #2

An update for redhat-release-virtualization-host and redhat-virtualization-host is now available for Red Hat Virtualization 4 for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base...

Moderate: Red Hat Security Advisory: Red Hat OpenStack Platform 16.2 (openstack-nova) security update

An update for openstack-nova is now available for Red Hat OpenStack Platform 16.2 Train. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

Citrix Xenserver 7.1CU2 to Citrix Hypervisor 8.2 upgrade gets stuck at Boot Screen for servers with HPE Smart Array

After the Host is booted into the installer kernel it gets stuck at following screen...

Vulnerabilities fixed in Xen

Vulnerabilities have been fixed in Xen Hypervisor. The vulnerabilities allow a malicious person to carry out attacks execute attacks that result in the following categories of damage: Denial-of-Service DoS Manipulation of data Access to sensitive data Xen has released updates to address the...

PT-2022-4165 · Xen +5 · Xen +5

Name of the Vulnerable Software and Affected Versions: Xen affected versions not specified Description: The issue is caused by synchronization errors when using shared resources in components of the Xen hypervisor, including blkfront, netfront, scsifront, usbfront, dmabuf, xenbus, 9p, kbdfront, a...

PT-2022-4539 · Xen +5 · Xen +5

Name of the Vulnerable Software and Affected Versions: Xen hypervisor affected versions not specified Description: The issue is caused by synchronization errors when using a shared resource in the scsifront driver of the Xen hypervisor. Exploitation of this issue may allow an attacker to cause a...

PT-2022-4540 · Unknown +5 · Xen Hypervisor +5

Name of the Vulnerable Software and Affected Versions: Xen hypervisor affected versions not specified Description: The issue is caused by synchronization errors when using a shared resource in the blkfront driver of the Xen hypervisor. Exploitation of this issue may allow an attacker to cause a...

Driver Disk for Qlogic qla2xxx 10.02.06.03-k - For Citrix Hypervisor 8.2 LTSR

Who Should Install this Driver Disk? Customers on Dell hardware running the Citrix Hypervisor 8.2 LTSR release who use Qlogic's qla2xxx driver and wish to use the latest version of the following: Driver Module| Version ---|--- qla2xxx| 10.02.06.03-k Note: If you use Dell hardware, ensure that you...

Driver Disk for Mellanox mlnxen 5.4-1.0.3.0 - For Citrix Hypervisor 8.2 LTSR

Who Should Install this Driver Disk? Customers running the Citrix Hypervisor 8.2 LTSR release who use Mellanox's mlnxen driver and wish to use the latest version of the following: Driver Module| Version ---|--- mlxcompat| Not applicable mlxfw| Not applicable auxiliary| Not applicable mlx5ib|...

Vulnerability fixed in AMD processors

AMD has fixed a vulnerability with reference CVE-2021-26401 for the Ryzen and Athlon processors. This vulnerability has the same cause as the vulnerability known as Spectre, with attribute CVE-2017-5717. This vulnerability allows a malicious party to obtain sensitive data from the memory of a loc...

Citrix Hypervisor Security Update

An issue has been identified in AMD CPU hardware that may allow code in a guest VM to infer the value of in-memory data in other guest VMs. Although this is not an issue in the Citrix Hypervisor product itself, Citrix is releasinghotfixes that include mitigations for this hardware issue. This iss...

PT-2022-4330 · Unknown +5 · Xen Hypervisor +5

Name of the Vulnerable Software and Affected Versions: Xen hypervisor affected versions not specified Description: The issue is caused by synchronization errors when using a shared resource in the gntalloc driver of the Xen hypervisor. Exploitation of this issue may allow an attacker to cause a...

PT-2022-4166 · Xen +5 · Xen +5

Name of the Vulnerable Software and Affected Versions: Xen affected versions not specified Description: The issue is caused by synchronization errors when using a shared resource in the xenbus component of the Xen hypervisor. Exploitation of this issue may allow an attacker to cause a denial of...

PT-2022-4164 · Unknown +5 · Xen Hypervisor +5

Name of the Vulnerable Software and Affected Versions: Xen hypervisor netfront component affected versions not specified Description: The issue is caused by synchronization errors when using a shared resource in the netfront component of the Xen hypervisor. Exploitation of this issue may allow an...

PT-2022-4531 · Xen +5 · Xen +5

Name of the Vulnerable Software and Affected Versions: Xen affected versions not specified Description: The issue is caused by synchronization errors when using a shared resource in the Xen hypervisor's paravirtualization PV mode implementation. This can be exploited to cause a denial of service...

DRAKVUF Sandbox - Automated Hypervisor-Level Malware Analysis System

DRAKVUF Sandbox is an automated black-box malware analysis system with DRAKVUF engine under the hood, which does not require an agent on guest OS. This project provides you with a friendly web interface that allows you to upload suspicious files to be analyzed. Once the sandboxing job is finished...

Driver Disk for Microsemi smartpqi 2.1.16-030 - For Citrix Hypervisor 8.2 LTSR

Who Should Install this Driver Disk? Customers running the Citrix Hypervisor 8.2 LTSR release who use Microsemi's smartpqi driver and wish to use the latest version of the following: Driver Module| Version ---|--- smartpqi| 2.1.16-030 Issues Resolved In this Driver Disk Includes general...

[SECURITY] Fedora 34 Update: xen-4.14.4-1.fc34

This package contains the XenD daemon and xm command line tools, needed to manage virtual machines running under the Xen hypervisor...

Fedora: Security Advisory for xen (FEDORA-2022-0cc3916e08)

The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

Parallels Desktop HDAudio Buffer Overflow Local Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop. An attacker must first obtain the ability to execute high-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within the HDAudio...